Jonathan Langer, Co-Founder & CEOThe WannaCry ransomware attack that wreaked havoc across multiple industries in 2017 showed zero leniencies when affecting sensitive, mission-critical devices at hospitals and other clinical ecosystems. The founders of Medigate needed no more compelling reasons to start a cybersecurity company than ensuring patient safety and privacy from cyberattacks targeting networked medical devices. “After all, cyber risk in healthcare is not just about the confidentiality of information, but it also links directly to patient health and well-being. Through rigorous research and interactions with healthcare CISOs and security research labs, we understood the very technical and operational foundations of medical devices frameworks, and as a result, were able to identify some gaping vulnerability loopholes,” says Jonathan Langer, co-founder and CEO of Medigate.
Until now, the healthcare industry has relied on traditional security solutions such as NACs, firewalls and IoT solutions to protect their networks and medical devices. As evidenced by the growing number of attacks and breaches, these traditional solutions aren’t enough to tackle the complex problem of securing inherently vulnerable medical devices on clinical networks. Medical devices require a tailored security solution that will work in tandem with IoT security solutions and NACs. “Medical devices use proprietary protocols created by each manufacturer, making understanding and managing them a challenging proposition. The security infrastructure and firewalls intended to protect IoT devices cannot understand the unique protocols used by medical devices. There is an abundance of important medical device data that is being overlooked in the current model. Fingerprinting each medical device down to a very granular level is one of the areas where Medigate excels,” adds Langer.
Medigate’s dedicated medical device security platform adopts a three-pronged approach to help hospitals and device manufacturers secure their devices. The platform provides superior visibility into clinical networks. Its proprietary deep packet inspection technology can easily read into and make sense of device protocols.
The ability to “fingerprint” the devices in a clinical setting enables administrators to achieve a holistic view of all devices in use; this adds additional value from an asset management perspective. As Langer recalls, a client of Medigate was able to track up to 40 numerous devices that they never knew were connected.
Medical IoT is a unique subset of IoT that requires deep domain expertise and dedicated solutions to deliver effective protection and asset management. Medigate is proud to be the pioneer and market leader in this space
The platform’s clinical anomaly detection feature is capable of sending alerts at the instance of potential breaches. Medigate has sharpened the security flaw detection capabilities of its platform to such an extent that it can even detect anomalies in clinical processes. For example, the system alerts when an MRI machine communicates with an infusion pump, because it knows that the communication is irregular and out of scope. Medigate adopts a “prevention-through-integration” approach to defend hospitals from breaches by clinically enriching the existing security firewalls that they have. The platform currently integrates with Palo Alto Networks’ next generation firewall and Cisco ISE. Medigate plans to rapidly expand its platform’s integration capabilities with additional security solutions as well.
Medigate’s rapid deployment process centers on identifying the ins and outs of their clients’ unique network topologies, after which the company recommends ideal installation options. In addition to aligning itself with architecture and installation mandates that are “stricter” than HIPAA, Medigate’s non-intrusive platform can quickly and smoothly so customers can quickly begin identifying and securing their connected medical devices.